The present disclosure relates to a method and device for performing access control by authenticating an electronic device and performing secure ranging. The method may include: receiving, from a server, a device certificate including a first scrambled timestamp sequence (STS) code encrypted by a public key of the electronic device and a second STS code encrypted by an STS key; transmitting the device certificate to a target device; obtaining the first STS code by decrypting the encrypted first STS code by using a secret key of the electronic device: and performing secure ranging with the target device by using the first STS code.

Identity access and management (“IAM”) systems with resiliency features and methods related to the same are provided. Two or more identity provider (“IDP”) systems each have a matching copy of user authentication data for users authorized to access the system of an organization. An identity proxy is interposed between user systems and each of the two or more IDP system. The identity proxy routes authentication requests, challenges, and responses between the user systems and the IDP systems based on availability.

A method and apparatus for providing user key material from a server to a client is disclosed. The method comprises receiving a first message from the client in a server, the first message having a user key material request, an access token and an identifier of a transport key (TrK-ID), validating the user key material request according to the access token, generating a response having user key material responsive to the user key material request, encrypting the response according to the transport key (TrK), and transmitting a second message comprising the response from the server to the client. The client decrypts the second message according to the transport key (TrK) and validates the second message using the identifier of the transport key (TrK-ID).

A system for protecting an information handling system from alterations in chain sequencing uses a root of trust to secure transition points between entities in a sequence according to a chain of trust stored in a chain of trust database. Before transitioning control from a first entity transferring control to a second entity receiving control, the root of trust validates the transferring entity and the receiving entity. Failure to validate both entities results in the root of trust stopping the boot process to prevent malicious code from interfering with the BIOS executing the correct steps in the process.

The present disclosure relates to a communication method and system for converging a 5.sup.th-Generation (5G) communication system for supporting higher data rates beyond a 4.sup.th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. The present disclosure describes a method and device for setting the state of a bundle after the bundle has been transmitted between smart security media.

Generally discussed herein are devices, systems, and methods for binding with cryptographic key attestation. A method can include generating, by hardware of a device, a device public key and a device private key, based on the device private key, signing a first attestation resulting in a signed first attestation, the first attestation claiming the device private key originated from the hardware, based on the device public key and the signed first attestation, registering the device with a trusted authority, generating, by the hardware, a first application private key and a first application public key, and based on the device private key, signing a second attestation resulting in a signed second attestation, the second attestation claiming the first application private key originated from the hardware, and based on the first application public key and the signed second attestation, registering a first application of the device to a first server.

A blockchain platform is provided for creating original non-fungible tokens (NFTs) and prints of the original NFTs. The platform creates a market for purchasing and selling prints of the original NFTs. The purchase price and the sale price for a print is determined based on a bonding curve and a total supply of the prints of the original NFT. The platform may also generate content (e.g., artwork and/or music) associated with the original NFTs. The content may be generated from logic that is stored on the blockchain.

A device can establish operational credentials for enabling the device to provide an attestation of the device's identity to another party, by performing a method comprising: obtaining bootstrap credentials from a hardware secure element or a trusted execution environment (TEE) of the device; using the bootstrap credentials to establish a secure session with an enrolment server; and via the secure session, establishing the operational credentials with the enrolment server.

In a key management method performed by a terminal, a device key including a device public key and a device private key is generated in a security zone. A local device parameter and the device public key are transmitted to a certificate authentication server. A device certificate fed back by the certificate authentication server is received by the terminal. The signature data of the device certificate is generated by signing the device parameter and the device public key by using an authentication private key of the certificate authentication server. The terminal then stores the device private key and the device certificate in the security zone.

A first entity stores an issuer digital certificate published by a certificate authority (CA) and signed by the issuer certificate; and also stores an old issuer digital certificate published by the CA prior to publication of the issuer digital certificate and an old first entity digital certificate signed by the old issuer digital certificate. The first entity attempts to initiate a secure communication session with a second entity by receiving a second entity digital certificate from the second entity via an electronic network, and sending either the first entity digital certificate or the old first entity digital certificate to the second entity based on which of the issuer digital certificate or the old issuer digital certificate is effective to authenticate the second entity digital certificate received from the second entity. The secure communication session is conducted only if the attempt to initiate the secure communication session is successful.